[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_3-34-g083067e
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_3-34-g083067e |
Date: |
Wed, 31 Oct 2012 21:49:46 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=083067e630498f274608fa67308cb7dda816ac18
The branch, master has been updated
via 083067e630498f274608fa67308cb7dda816ac18 (commit)
via 2aa6ec13fc2976564f0046e67ea6e175f1f2a0d7 (commit)
from 8fc613454022285610b0ac03eeeb3a6b9b8a0e15 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 083067e630498f274608fa67308cb7dda816ac18
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Oct 31 22:48:52 2012 +0100
mention that GNUTLS_CERT_INVALID flag is deprecated by
GNUTLS_CERT_SIGNER_NOT_FOUND and GNUTLS_CERT_SIGNATURE_FAILURE.
commit 2aa6ec13fc2976564f0046e67ea6e175f1f2a0d7
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Oct 31 22:46:32 2012 +0100
updated gnutls_certificate_verification_status_print() presentation
-----------------------------------------------------------------------
Summary of changes:
lib/gnutls_cert.c | 56 ++++++++++++++++++--------------------
lib/includes/gnutls/gnutls.h.in | 3 +-
src/common.c | 2 +-
3 files changed, 30 insertions(+), 31 deletions(-)
diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c
index f803a65..5bb20f1 100644
--- a/lib/gnutls_cert.c
+++ b/lib/gnutls_cert.c
@@ -930,57 +930,55 @@ gnutls_certificate_verification_status_print (unsigned
int status,
_gnutls_buffer_init (&str);
+ if (status == 0)
+ _gnutls_buffer_append_str (&str, _("Peer's certificate is trusted. "));
+ else
+ _gnutls_buffer_append_str (&str, _("Peer's certificate is NOT trusted. "));
+
if (type == GNUTLS_CRT_X509)
{
- if (status == 0)
- _gnutls_buffer_append_str (&str, _("- Peer's certificate is
trusted\n"));
- else
- {
- if (status & GNUTLS_CERT_INVALID)
- _gnutls_buffer_append_str (&str, _("- Peer's certificate is NOT
trusted\n"));
+ if (status & GNUTLS_CERT_REVOKED)
+ _gnutls_buffer_append_str (&str, _("Peer's certificate chain revoked.
"));
- if (status & GNUTLS_CERT_REVOKED)
- _gnutls_buffer_append_str (&str, _("- Peer's certificate chain
revoked\n"));
+ if (status & GNUTLS_CERT_REVOCATION_DATA_TOO_OLD)
+ _gnutls_buffer_append_str (&str, _("The revocation data provided by
the peer are too old. "));
- if (status & GNUTLS_CERT_REVOCATION_DATA_TOO_OLD)
- _gnutls_buffer_append_str (&str, _("- The revocation data
provided by the peer are too old\n"));
+ if (status & GNUTLS_CERT_REVOCATION_DATA_INVALID)
+ _gnutls_buffer_append_str (&str, _("The revocation data provided by
the peer are invalid. "));
- if (status & GNUTLS_CERT_REVOCATION_DATA_INVALID)
- _gnutls_buffer_append_str (&str, _("- The revocation data
provided by the peer are invalid\n"));
+ if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
+ _gnutls_buffer_append_str (&str, _("Peer's certificate issuer is
unknown. "));
- if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
- _gnutls_buffer_append_str (&str, _("- Peer's certificate issuer
is unknown\n"));
-
- if (status & GNUTLS_CERT_SIGNER_NOT_CA)
- _gnutls_buffer_append_str (&str, _("- Peer's certificate issuer
is not a CA\n"));
- }
+ if (status & GNUTLS_CERT_SIGNER_NOT_CA)
+ _gnutls_buffer_append_str (&str, _("Peer's certificate issuer is not
a CA. "));
}
else if (type == GNUTLS_CRT_OPENPGP)
{
- if (status == 0)
- _gnutls_buffer_append_str (&str, _("- Peer's key is valid\n"));
-
- if (status & GNUTLS_CERT_INVALID)
- _gnutls_buffer_append_str (&str, _("- Peer's certificate is
invalid\n"));
+ _gnutls_buffer_append_str (&str, _("Peer's certificate is not trusted.
"));
if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
- _gnutls_buffer_append_str (&str, _("- Could not find a signer of the
peer's certificate\n"));
+ _gnutls_buffer_append_str (&str, _("Could not find a signer of the
peer's certificate. "));
if (status & GNUTLS_CERT_REVOKED)
- _gnutls_buffer_append_str (&str, _("- Peer's certificate is
revoked\n"));
+ _gnutls_buffer_append_str (&str, _("Peer's certificate is revoked.
"));
}
if (status & GNUTLS_CERT_INSECURE_ALGORITHM)
- _gnutls_buffer_append_str (&str, _("- Peer's certificate chain uses
insecure algorithm\n"));
+ _gnutls_buffer_append_str (&str, _("Peer's certificate chain uses insecure
algorithm. "));
if (status & GNUTLS_CERT_NOT_ACTIVATED)
- _gnutls_buffer_append_str (&str, _("- Peer's certificate chain uses not
yet valid certificate\n"));
+ _gnutls_buffer_append_str (&str, _("Peer's certificate chain uses not yet
valid certificate. "));
if (status & GNUTLS_CERT_EXPIRED)
- _gnutls_buffer_append_str (&str, _("- Peer's certificate chain uses
expired certificate\n"));
+ _gnutls_buffer_append_str (&str, _("Peer's certificate chain uses expired
certificate. "));
+
+ if (status & GNUTLS_CERT_SIGNATURE_FAILURE)
+ _gnutls_buffer_append_str (&str, _("The signature in the certificate is
invalid. "));
if (status & GNUTLS_CERT_UNEXPECTED_OWNER)
- _gnutls_buffer_append_str (&str, _("- The name in the certificate does not
match the expected\n"));
+ _gnutls_buffer_append_str (&str, _("The name in the certificate does not
match the expected. "));
+
+ _gnutls_buffer_append_str (&str, "\n");
ret = _gnutls_buffer_to_datum( &str, out);
if (out->size > 0) out->size--;
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 98a86fb..ff0994a 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -430,7 +430,8 @@ extern "C"
/**
* gnutls_certificate_status_t:
* @GNUTLS_CERT_INVALID: The certificate is not signed by one of the
- * known authorities or the signature is invalid.
+ * known authorities or the signature is invalid (deprecated by the flags
+ * %GNUTLS_CERT_SIGNATURE_FAILURE and %GNUTLS_CERT_SIGNER_NOT_FOUND).
* @GNUTLS_CERT_SIGNATURE_FAILURE: The signature verification failed.
* @GNUTLS_CERT_REVOKED: Certificate is revoked by its authority. In X.509
this will be
* set only if CRLs are checked.
diff --git a/src/common.c b/src/common.c
index 3e8932a..42ac6b6 100644
--- a/src/common.c
+++ b/src/common.c
@@ -340,7 +340,7 @@ cert_verify (gnutls_session_t session, const char* hostname)
return 0;
}
- printf ("%s", out.data);
+ printf ("- %s", out.data);
gnutls_free(out.data);
hooks/post-receive
--
GNU gnutls
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_1_3-34-g083067e,
Nikos Mavrogiannopoulos <=